Red/Green security provides a technique for protecting sensitive data and keeping computers and networks secure. In a conventional Red/Green security scheme, one computer is designated as a “Green” computer and another computer is designated as a “Red” computer.
The Green computer is a trusted system. It has generally been verified to be free of viruses and other malware. To maintain its trusted status, the Green computer is generally limited to known-safe operations and networks. For example, in some arrangements, the Green computer may be prohibited from connecting to the Internet and may be allowed to visit only a limited set of locations on an isolated network. In other arrangements, the Green computer is allowed to connect to the Internet, but is limited to visiting only a designated set of websites. The Green computer is also generally limited to particular applications and may prohibit users from installing new applications.
In contrast, the Red computer is not trusted. It is permitted to perform a much wider range of activities than the Green computer. These include visiting most websites and installing and running applications that have not been verified as safe. The Red computer is assumed to be compromised and is therefore isolated from any Green computers to prevent the flow of information (including malware) between Red computers and Green computers.